Cybersecurity Compliance Engineer

San Carlos, California, United States

Applications have closed

Clear Labs is seeking an outstanding Cybersecurity Compliance Engineer, who will be responsible for developing and maintaining information security policies, procedures, and technologies to ensure the protection of networks, systems, applications, and data. This role will support the identification and mitigation of security-related risks and other risks associated with business continuity planning, the security operations center (SOC), and disaster recovery.

Applicants for this position shall be action-driven self-starters who thrive in a fast-paced startup environment, excel at managing multiple priorities, communicate successfully across the organization and with external partners, and contribute immediately.

Key Responsibilities:

  • Develop, implement, maintain, and monitor the cybersecurity-related compliance of policies, procedures, and associated plans.
  • Make broad recommendations on improving security compliance-related processes and/or procedures, and partner with stakeholders to implement solutions.
  • Preserve all records and documents that indicate change control in order to facilitate activities including, but not limited to, audits and other investigations.
  • Establish and maintain a cybersecurity-related change management review and control process.
  • Develop and maintain written security controls and compliance policy and procedure.
  • Maintain reliable, up-to-date information regarding security and compliance changes and trends.
  • Ensure execution of required testing and remediation activities leading to successful security audits/certification(s).
  • Support and comply with the company’s Quality Management System policies and procedures.

Requirements

Required Skills and Background:

  • Bachelor’s degree in Information Technology or other related fields.
  • Experience in Information Security Compliance and Assurance and preparing responses to information security audits and questionnaires.
  • Ability to perform IT-related tasks, including risk assessments, IT audits, security planning, systems accreditation, and policy development.
  • Demonstrated strong knowledge of common information security management frameworks, including NIST, ISO 27001, SOC 2, SOX, FedRAMP, etc.

Desired Skills and Background:

  • Completion of or in-progress coursework toward cybersecurity-related certifications: GCIH, GSEC, GMON, CISA, Network+, Security+ or related certifications.
  • Incident response experience, including creating or running incident response programs.
  • Experience with GRC tools, such as Tugboat Logic, RSA Archer, Fusion, etc.

Benefits

  • Full medical, dental, vision insurance
  • Onsite organic snacks
  • Lunch onsite 5 days a week
  • Unlimited Flexible Time Off
  • Life Insurance (Basic, Voluntary & AD&D)
  • Family Leave (Maternity, Paternity)
  • Short Term & Long Term Disability
  • Training & Development
  • Stock Option Plan

Tags: Audits CISA Compliance FedRAMP GCIH GSEC Incident response ISO 27001 NIST RSA SOC 2

Perks/benefits: Equity Flex vacation Health care Insurance Medical leave Parental leave Unlimited paid time off

Region: North America
Country: United States